Cisco Notification Alert -Prime - DCNM-01-Oct-2015 16:50 GMT

Feedback Sign Up Unsubscribe         End-of-Sale and End-of-Life Announcements - Prime Data Center Network Manager Title: End-of-Sale and End-of-Life Announcement for the Cisco Prime Data Center Network Manager Software Release 6.x Description: Cisco announces the end-of-sale and end-of-life dates for the Cisco Prime Data Center Network Manager Software Release 6.x. The last day to order the affected product(s) is March 15, 2016. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as shown in Table 1 of the EoL bulletin. Table 1 describes the end-of-life milestones, definitions, and dates for the affected product(s). Table 2 lists the product part numbers affected by this announcement. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers' service contract. Click here for the French Version of this Bulletin. Date: 11-SEP-2015 Find additional information in End-of-Sale and End-of-Life Products Security Advisories & Responses - Prime Data Center Network Manager Title: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products Description: On July 9, 2015, the OpenSSL Project released a security advisory detailing a vulnerability affecting applications that verify certificates, including SSL/Transport Layer Security (TLS)/Datagram Transport Layer Security (DTLS) clients and SSL/TLS/DTLS servers using client authentication. Multiple Cisco products incorporate a version of the OpenSSL package affected by this vulnerability that could allow an unauthenticated, remote attacker to cause certain checks on untrusted certificates to be bypassed, enabling the attacker to forge "trusted" certificates that could be used to conduct man-in-the-middle attacks. This advisory will be updated as additional information becomes available. Cisco will release free software updates that address this vulnerability. Workarounds that mitigate this vulnerability may be available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150710-openssl Date: 16-SEP-2015 Title: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products Description: Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service condition or perform a man-in-the-middle attack. On January 8, 2015, the OpenSSL Project released a security advisory detailing eight distinct vulnerabilities. The vulnerabilities are referenced in this document as follows: CVE-2014-3571: OpenSSL DTLS Message Processing Denial of Service Vulnerability CVE-2015-0206: OpenSSL dtls1_buffer_record Function DTLS Message Processing Denial of Service Vulnerability CVE-2014-3569: OpenSSL no-ssl3 Option NULL Pointer Dereference Vulnerability CVE-2014-3572: OpenSSL Elliptic Curve Cryptographic Downgrade Vulnerability CVE-2015-0204: OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability CVE-2015-0205: OpenSSL Diffie-Hellman Certificate Validation Authentication Bypass Vulnerability CVE-2014-8275: OpenSSL Certificate Fingerprint Validation Vulnerability CVE-2014-3570: OpenSSL BN_sql Function Incorrect Mathematical Results Issue Cisco will release software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities may be available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl Date: 22-SEP-2015 Find additional information in Cisco Security Advisories & Responses Software Updates for Prime Data Center Network Manager Product Name: Prime Data Center Network Manager Software Type: Data Center Network Manager Release Version: 7.2(2) Alert Type: New File File Name: dcnm-installer-x64-linux.7.2.2.bin File Description: DCNM 7.2.2 Installer for Linux (64-bit) File Release Date: 30-SEP-2015 Alert Type: New File File Name: dcnm-installer-x64-windows.7.2.2.exe File Description: DCNM 7.2.2 Installer for Windows (64-bit) File Release Date: 30-SEP-2015 Alert Type: New File File Name: dcnm-san-client.7.2.2.zip File Description: DCNM 7.2.2 San Client Package File Release Date: 30-SEP-2015 Alert Type: New File File Name: dcnm-va.7.2.2.iso File Description: DCNM 7.2.2 ISO Virtual Appliance for VMWare, KVM and Bare-metal servers File Release Date: 30-SEP-2015 Alert Type: New File File Name: dcnm-va-templates.7.2.2.zip File Description: DCNM 7.2.2 Virtual Appliance templates for VMWare (.ovf) and KVM (domain XMLs) environments File Release Date: 30-SEP-2015 Alert Type: New File File Name: dcnm-va.7.2.2.ova File Description: DCNM 7.2.2 Open Virtual Appliance for VMWare File Release Date: 30-SEP-2015 Alert Type: New File File Name: dcnm-silent-installer-properties.7.2.2.zip File Description: DCNM 7.2.2 Silent Installer Property Files File Release Date: 30-SEP-2015 Find additional information in Software Downloads index. Known Bugs - Prime Data Center Network Manager Alert Type: Updated * Bug Id: CSCus29299 Title: system dyn vlan should be mutually exclusive with global Mobility domain Status: Fixed Severity: 3 Moderate Description: Symptom: VDP detection on nexus 5600 does not function Conditions: When the Global Mobility Domain detectable VLAN range is set with overlapping values of the system dynamic VLAN range Workaround: Set the Global Mobility Domain detectable VLAN range to be non-overlapping. Further Problem Description: Last Modified: 03-SEP-2015 Known Affected Releases: 7.1(1)S19 Known Fixed Releases: * 7.1(1.96)S0, 7.3(0)SL(0.106), 7.3(0)ZD(0.83) Alert Type: Updated * Bug Id: CSCuv58513 Title: Error seein in Selective HA upgrade from a standalone system Status: Fixed Severity: 3 Moderate Description: Symptom: Selective HA setup completes, but reports some errors and the Fabric General settings page is missing the peer LDAP IP address. Conditions: Install 2 DCNM 721 instances to setup a Selective HA setup. Restore the backup from a DCNM 712 standalone on this. Now try to setup the Selective HA, and the installation is mostly complete, however there is a duplicate DB insert error. Workaround: cd /usr/local/cisco/dcm/db/bin ./psql -Udcnmuser dcmdb password -- Run the following commands: > update svr_prop set value='' where key='dfa.ldapPeerPassWord'; > update svr_prop set value='cn=admin,dc=cisco,dc=com' where key='dfa.ldapPeerUserName'; > update svr_prop set value='eth1-ip-address-of-peer' where key='dfa.ldapPeerServer'; > update svr_prop set value='auto-config' where key='dfa.selectiveHAFeature'; Further Problem Description: Last Modified: 12-SEP-2015 Known Affected Releases: 7.2(1) Known Fixed Releases: * 7.2(1.82)S0 Alert Type: Updated * Bug Id: CSCut48826 Title: Notify Border Leaf option on BL/ER pairing is cleared in remote DB case Status: Fixed Severity: 3 Moderate Description: Symptom: "Notify Border Leaf when relevant partitions are changed" checkbox is always cleared and the leafs do not get their configuration updated. Conditions: Happens when DCNM is configured with Oracle DB and partitions are extended. Workaround: 'Manually run cli "fabric database auto-pull dci vrf VFRName node-id borderLeafIP peer-id edgeRouterIP" on the border leafs. Further Problem Description: Last Modified: 05-SEP-2015 Known Affected Releases: 7.1(1.81) Known Fixed Releases: * 6.2(13)FM(0.54), 6.2(13)GS(0.15), 6.2(13.1)S0, 7.1(1.91)S0, 7.2(0.5)S0, 7.3(0)D1(0.71), 7.3(0)DHB(0.31), 7.3(0)FM(0.4), 7.3(0)HM(0.5), 7.3(0)MMD(0.9) Alert Type: Updated * Bug Id: CSCub00716 Title: DCNM: TLS1.0/SSL3.0 Information Disclosure Vulnerability (CVE-2011-3389) Status: Fixed Severity: 3 Moderate Description: Symptom: Cisco DCNM includes a version of OpenSSL that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2011-3389 and CVE-2008-5161 This bug was opened to address the potential impact on this product. Conditions: Device with default configuration. Workaround: Not currently available. Further Problem Description: Additional details about the vulnerabilities listed above can be found at http://cve.mitre.org/cve/cve.html PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 4.3/3.9: http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:N/AC:M/Au:N/C:P/I:N/A:N/E:POC/RL:U/RC:C&version=2.0 CVE ID CVE-2011-3389 and CVE-2008-5161has been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html Last Modified: 05-SEP-2015 Known Affected Releases: 5.2(2c), 6.2(3) Known Fixed Releases: * 6.2(11)FI(0.8), 6.2(11)S2, 6.2(11.1)S0, 6.2(13)FM(0.13), 6.2(13)GS(0.13), 6.2(5)S32, 6.3(0.165)S0, 6.3(0.74)S0, 6.3(1)S5, 6.3(1.3)S0 Alert Type: New Bug Id: CSCuw12452 Title: DCNM-SAN: Brocade HBA is shown as switch under "switch-list" Status: Open Severity: 4 Minor Description: Symptom: Brocade HBA is showing as switch in DCNM-SAN under switch list Conditions: Brocade HBA with OUI 0x000533 Workaround: None Further Problem Description: Last Modified: 05-SEP-2015 Known Affected Releases: 7.1(1) Known Fixed Releases: Alert Type: Updated * Bug Id: CSCuv49839 Title: Partition ID should be configurable Status: Open Severity: 6 Enhancement Description: Symptom: Partition ID should be configurable and go along with the VRF/VLAN/L3VNI pool requirement Conditions: new install with default values Workaround: none Further Problem Description: Last Modified: 30-SEP-2015 Known Affected Releases: 7.2(1) Known Fixed Releases: * 7.2(2.14)S0 Alert Type: Updated * Bug Id: CSCuv05441 Title: [Feature req] Option to resolve port conflicts during DCNM upgrade Status: Open Severity: * 6 Enhancement Description: Symptom: An error is thrown during DCNM upgrade that prevents the upgrade from continuing because of unresolved port-conflicts. Conditions: upgrading DCNM when using non-default ports. Workaround: Kill services using those ports. (Although this can create a conflict later between the other non-dcnm services and the dcmm services) Further Problem Description: This is a feature request for the ability to auto-resolve port conflicts during upgrade Last Modified: 14-SEP-2015 Known Affected Releases: 6.3(2) Known Fixed Releases: Alert Type: Updated * Bug Id: CSCuv49645 Title: Extend Partition shows green checkmark, even if BL auto-config fails Status: Open Severity: * 6 Enhancement Description: Symptom: Extending Partition in DCNM Auto-Config does show green check-mark, even if configuration on Switch fails. No rollback is perform in DCNM for erroneous situation Conditions: extending a partition Workaround: Disable Extension correct failure in BL auto-config Enable Extension Further Problem Description: Last Modified: 28-SEP-2015 Known Affected Releases: 7.1(1), 7.1(2), 7.2(1) Known Fixed Releases: Alert Type: Updated * Bug Id: CSCuw09446 Title: DCNM SAN client only one user can update config on switch. Status: Open Severity: * 6 Enhancement Description: Symptom: DCNM WebUI/Admin/Data Sources show N5K switches discovered by usrdcnm and N7K switches discovered by dcnm-operator. When in DCNM-LAN client user A (neither usrdcnm or dcnm-operator) can send configuration to N5K. On the same computer DCNM-LAN client, user B (neither usrdcnm or dcnm-operator) can not send configuration. Receives error - Delivery failed because of device connection issues. Conditions: DCNM 7.1(2) Workaround: None Further Problem Description: Last Modified: 14-SEP-2015 Known Affected Releases: 7.1(2.1) Known Fixed Releases: Find additional information in Bug Search index.   2013 Cisco and/or its affiliates. All rights reserved. Terms & Conditions | Privacy Statement | Cookie Policy | Trademarks